This week marks the return of Black Hat USA, and the JASK team is excited to once again be headed to Las Vegas to take part in the world’s leading information security event. JASK will be sharing insights into how the modern threat landscape has forced leading companies to reboot their security operations strategies and running demos of its advanced cloud-native SIEM — JASK Autonomous Security Operations Center (ASOC) platform — at booth #1338.
The increasing sophistication and persistence of cybercriminal activity is requiring security operations teams to rethink how they use people, process and technology. The antiquated practice of running a SOC as a human-led 24/7 tiered analyst system using a SIEM or log management tool to correlate alerts for manual investigation has proved inadequate. What is needed is a re-imagined notion of the SIEM/SOC platform where intelligent automation is the driving force in alleviating the data burden facing today’s analysts.
JASK Product Marketing Director Dana Torgersen and JASK Director of Security and Product Architecture Dan Wachdorf will be holding a presentation on these truths and the current state of security operations at the JASK booth throughout the day during expo hours on Wednesday, August 7th and Thursday, August 8th. The presentation will be titled Security Insanity: Drowning in Alerts. During the presentation, Dana and Dan will explore the influx of cybercriminal activity organizations have been subject to over the past year, the financial toll it has taken, the sophistication behind today’s attacks and the resulting impact on security operations.
Dana and Dan will focus on the notable rise in the detection of fileless attacks and how this is increasingly enabling attackers to ‘live off the land’, meaning they are leveraging existing scripting capabilities like PowerShell and existing network management tools to propagate and laterally move within enterprise networks. Due to this nuanced activity, additional security tools for detection and response are required, which are generating more alerts and complexity for already overworked, understaffed SOC teams.
Dana and Dan will bring to light the issue of an unmanageable number of alerts and false positives created through expanded tech stacks by examining a case study from JASK’s SpecOps team, in which attackers were able to essentially hide in the noise and carry out malicious activity.
Lastly, Dana and Dan will share tips and best practices in optimizing modern security operations and demonstrate how the JASK ASOC platform allows analysts to keep their heads above water.
We are looking forward to a great week among the best and brightest in the industry. If you are attending Black Hat, please stop by our booth. We are also pleased to share our white paper Solving the SOC Bottleneck: Automated Detection and Analytics for a look into how automation can alleviate the greatest challenges facing the modern SOC today. Hope you enjoy!
Holly Barker is the Senior Director of Marketing at JASK. She has over 10 years of corporate marketing, global event management, brand strategy, and channel marketing management experience at tech companies, with cyber security being a large part of the last few years of her career. She lives in Austin with her husband and toddler son, and will eat queso for any meal.